Category Archives: Technology

Interested in finding out what are thoughts are on certain technologies? Here we discuss hardware, software, security and networking… everything from small annoying little challenges to big expensive implementation projects.

If even one of these forces is having a significant impact on your current or future business, then a solid information technology (IT) strategy that is aligned with the business will be critical for continued success.

We’ve created an evaluation form that will help you to quantify how well you understand the role that information technology plays in enabling your business to proactively and effectively address the forces of complexity. The higher your score, the more critical your need for a robust IT strategy that is aligned with your business pressures and goals.

Professional organizations often hire third-party experts to analyze business operations and make recommendations for improvement. For example, financial audits, quality audits, and process audits are common best practices for most businesses.

Beyond ensuring that processes are followed, third-party audits can help an organization step back from day-to-day activities, take stock of overall performance, and make the best decisions regarding resource allocation, budgets and priorities.

Yet, few organizations examine their IT operations in a similar fashion.

The Importance of IT Audits

IT is owned and operated to underpin both day-to-day business operations and long-term planning. The IT organization also provides the leadership and organizational structures, systems and processes that sustain and support business objectives. Today’s IT departments play such an integral role within corporate operations and governance that they should be subject to the same scrutiny as other groups.

An IT audit, conducted as part of an annual review or prior to a major project, can report critical information to the organization and its stakeholders on the following topics:

Overall performance: How is the IT organization doing? It is meeting best practices? Are there redundancies that can be eliminated? What efficiencies can the group take advantage of? What silos need to be broken down with other departments? Are there areas of risk that need to be addressed?

Compliance with regulatory requirements.

Budget constraints and staffing considerations.

Recommendations for new corporate projects, such as a new enterprise or line of business solution, a new collaboration solution, or an infrastructure migration.

Business activity gaps that should be addressed before documenting business activities in preparation for a workflow, collaboration or records management project.

Audit Areas

To be effective, an IT audit should examine three main aspects of the IT organization. These are:

IT Governance: Organizations planning major IT projects – such as a new business system, migration to the cloud, collaboration or other significant investment – need to ensure that the IT Department and technical teams within other business units are able to deliver. An IT audit should examine all governance aspects of the IT organization and evaluate factors such as the IT department’s corporate structure, existing systems and processes, capacity, track record on recent projects, etc.

Information Management: IT organizations must be able to develop (and manage) policies and procedures that promote efficient operations and support the rollout of new business initiatives. IT audits should therefore include an evaluation of the organization’s records management and account management practices, access privileges, policies, procedures, and standards.

Information Technology Security: IT risk is always present in a modern organization and companies should understand their external and internal IT vulnerabilities. An IT audit should contain a security component that examines potential infiltration points, flaws in line-of-business systems, fraud risks, device weaknesses, and security of email, web hosting, publishing environments and social media channels.

Actionable Results

By analyzing the above areas, a third-party expert can perform a comprehensive IT risk assessment of your organization. This assessment will provide you with the information you need to improve IT governance and effectively safeguard your organization against attacks that can damage your brand reputation or financial viability.

At Tango, we regularly conduct IT audits for our clients. Learn more about our IT auditing services or contact us to talk about your specific auditing needs.

If even one of these forces is having a significant impact on your current or future business, then a solid information technology (IT) strategy that is aligned with the business will be critical for continued success.

The following checklist will help you to evaluate the importance IT to your business’s success and future growth, and to assess your business’ “IT IQ”. For each statement, choose either Yes or No, and add up the values of all your answers.

We have a back-up and restoration strategy and redundant back-up systems.

0

5

We have a business continuity and disaster recovery plan that includes our IT systems.

0

5

The higher your score, the more critical your need for a robust IT strategy that is aligned with your business goals and strategy. Within each section, a score of 6 or higher indicates an opportunity or need for IT strategy that should not be ignored.

The Project Management Institute (PMI) runs an annual global survey of project management leaders and practitioners called the Pulse of the Profession. Last year, participants reported that 36% of projects failed to meet their original goals and business intent. These participants went on to report that when a project gets labeled as a failure, its budget is cut by one third.

This is especially problematic given that project support and maintenance costs kick-in post deployment. Suddenly, a project manager can find herself left with a third of her original budget to fix what went wrong, while responding to client requests for enhancements.

Turning to IT for Leadership & Structure

The IT Department can provide leadership and structure to systems and processes that help organizations attain strategic goals and objectives.

When your next corporate project kicks-off, it’s likely that IT will be involved, given that most business activities require at least one of their services – from hosting and development to workflow process automation.

Assessing Whether IT Can Deliver

Odds are good that IT’s deliverables will require a sizable portion of your budget, and their tasks will represent a significant amount of burn time within your project’s schedule. Depending the IT Department’s workload and available resources, you may be concerned about its capacity to deliver on time, on budget and in scope. If that’s the case, it’s time to perform an IT governance audit.

An IT governance audit will provide you with an assessment of your organization’s IT leadership and high-level IT activities. You’ll acquire a better understanding of:

IT’s corporate structure and leadership

Current capacity levels, ongoing and upcoming projects

The project management framework that will be applied to your tasks and deliverables

The effectiveness and efficiency of how existing systems and processes are being managed

Performance measurement, compliance and quality management practices

While you may have a sense of the corporate risk appetite, an IT governance audit will point out the project delivery, operations and service delivery risks. You can’t afford not to understand the risks associated with owning, operating and adapting technology to fit your operations.

Embrace IT governance, mitigate your risks, and your project will be a success!

Contact us at Tango Technology Group to schedule an IT Governance Audit.

Among other insights, a Deloitte Consulting survey of the perception of CIOs found that less than half of IT executives view their CIO as a strategist. And, only 10% of IT executives view their Chief Information Officers (CIOs) as a “revolutionary” who does things like uncovers new markets and revenue streams, translates IT for business, and interacts with C-level executives.

These are the kinds of expectations placed on CIOs today. They are being asked to contribute at the boardroom table and to the business’ bottom line. This is happening in companies of all sizes – and it’s just as relevant to expect IT to contribute to business strategy in a small- or mid-sized enterprise (SME).

IT Strategy for the SME

An SME is not likely in the position of being able to support a CIO function and organization. (Refer to this cost model for an IT department). In reality, a full-time CIO is probably not necessary for such companies, either – but IT strategy likely is. Very few businesses today are able to operate effectively without significant support of information technology. And we’re not just talking about PCs, laptops and a website!

An IT strategy is critical if your organization has any of these goals:

Compete in mobile markets

Pursue a robust social media strategy

Offer products and services via the cloud

Become more competitive by reducing costs and increasing operational efficiencies

Incorporate deep analytical features into products and services

Drive performance through business intelligence and analytics

The Virtual CIO

A virtual CIO is an ideal solution to ensure that an SME can meet goals like those listed above. A vCIO is a business and technology expert who provides CIO-level strategy, guidance and support to an executive team as an outsourced consultant.

Having a vCIO ensures that an organization’s IT strategy is aligned and positioned to help drive the business forward. Just as a Chief Financial Officer bears the responsibility of the finance department’s performance, the vCIO is responsible for ensuring that information technology investments and services also contribute to an organization’s performance.

The profile of an effective CIO is an individual who understands both the technology and the business. The role must create alignment between and company’s technology investments and the business’ strategic goals.

Technology in the Driver’s Seat

More and more, technology is driving new markets and is critical for businesses to succeed today. If your small- or mid-sized enterprise has doubts about whether its IT investments are doing any heavy lifting for the business, talk to us. We offer a vCIO service as well as a complete end-to-end managed IT service offering that makes strategic IT attainable for SMEs.

Cloud services are getting a lot of buzz these days. Although the concept and the technology have been around for some years now, Apple’s iCloud has recently brought cloud-based services to the attention of the masses. Cloud technology, storage availability and bandwidth have advanced such that cloud services are now accessible to businesses of all sizes. Tango Technology Group’s cloud services for SMBs help organizations to take advantage of that.

In a previous article, I outlined how the cloud can deliver real, practical value to small and mid-sized businesses. Here, I’d like to spend more time explaining what the cloud is and some of the options that are available for businesses.

About Cloud Computing

Cloud computing provides computing functions as a pay-per-use utility. In much the same way that hydro-electric power is delivered to your home from a central location, cloud computing delivers access to IT infrastructure and IT applications from a centralized location rather than a server at your premises.

The Benefits of Cloud Computing

Traditionally, software- and hardware-based business applications had to be installed and maintained on site, on desktops and/or on servers. Today, applications and even complete servers can be hosted by third parties on “cloud” infrastructure.

Maximize resources: Run lean with no need for dedicated real estate to safely and securely house IT infrastructure.

Pay per use: With hosted “cloud” services, you pay only for what you consume on a monthly basis.

Scale: Easily scale a cloud-based service up or down as your business and workforce needs change.

Types of Clouds

There are three general types of cloud-based models of relevance to Tango Technology Group’s clients. These are:

Public cloud – we make hosted Microsoft applications such as Exchange, SharePoint, and Dynamics CRM available to our clients on a pay-per-use basis. In addition, we have managed backup and business continuity services. Salesforce.com and Dropbox.com are two other well-known public-cloud services.

Private cloud – computing resources are dedicated to a single organization and can be hosted by us or at the client site.

Hybrid cloud – a combination of public and private cloud is implemented to leverage the best advantages of each to match the client’s specific needs or situation.

Tango’s experts can help you to determine the best cloud service model for your business’s needs, and can help you determine where the cloud fits within your IT strategy roadmap.

Cloud Computing vs. Server Virtualization: Don’t be Confused

Over time, “the cloud” has come to be used to refer to nearly any kind of technology, IT service, software or application that is disassociated from a specific piece of hardware. However, there is a distinction between the cloud and virtualization that is useful for purchasing decision makers to understand:

Server virtualization consolidates multiple pieces of server hardware to a single server that can then share its resources between multiple “logical” servers. Server virtualization is used extensively to build cloud infrastructures, but it does not in itself comprise a cloud. A virtual server may also be hosted in the cloud, or on premise. (You can read more about server virtualization on our Server Virtualization web page.)

Organizations that partner with Tango are assured that the best selection of technologies and delivery models are chosen for their business needs.

Cloud Computing Complements Managed IT Services

One of the best ways that an SMB organization can streamline its IT is by outsourcing its IT functions to a dedicated service provider that also offers cloud computing services. Doing so eliminates nearly every capital expenditure typically associated with server IT infrastructure. Specifically:

Managed IT services reduce or eliminate the need to hire and maintain IT personnel on site.

Cloud computing reduces the costs of IT services by providing pay-per-use access to business applications and services.

Cloud computing reduces or eliminates capital expenditures on servers and many other network infrastructures associated with traditional delivery models.

You can leverage economies of scale because your managed IT service provider is able to host cloud-based services on behalf of many clients.

Security and Other Important Considerations

Security of data, applications and systems is a concern for every company and those taking advantage of cloud-based services are no exception. Unauthorized third-party access to sensitive data must be managed in both traditional and cloud infrastructures.

As with any aspect of IT infrastructure management, cloud-services providers must deploy policies and best practices to protect cloud users. Tango follows the ITIL v3 process management system, a series of best practices and processes for the management of IT infrastructure. Our cloud services are delivered to customers through a secure, Tier 3 SAS 70 certified data centre. This ensures that both the services and the data are safe, reliable and quickly recovered in emergencies. Features include:

Biometric Access Control System with video surveillance

24x7x365 critical monitoring, alerting and reporting

Advanced redundant climate control systems

…and more.

Additional Reading

For more information about Cloud Computing, I recommend the following resources:

In this article on BrightHub, GFISecurityLabs’ David Kelleher talks about common IT mistakes that small and mid-sized business (SMB) customers make. Avoiding these pitfalls is possibly the best reason for an SMB to outsource its IT to a dedicated managed IT service provider.

Below, we take Kelleher’s Top-10 list as a jumping-off point and describe how we help our SME clients protect themselves from a variety of business risks with proactive, outsourced IT management.

Connecting systems [such as new computers and mobile devices] to the Internet before hardening them.

Part of our managed IT service is to provision gateway access controls (a.k.a. firewalls) to protect internal IT systems. We also provide anti-virus and spyware controls to all of a customer’s connected systems.

Connecting test systems to the Internet with default accounts/passwords.

When we provision new computers, mobile devices and other connected systems on behalf of our clients, changing default passwords to strong, secure passwords is part of our process.

Failing to update systems. Security holes exist in your operating system and no software is perfect.

We provide both native Microsoft patch management as well as patch management from third parties for targeted applications, such as Adobe products, Java, QuickTime and others. This is part of our standard managed services offering because we believe strongly that it needs to be done.

Failing to properly authenticate callers.

Most of our clients provide us with a list of authorized individuals who are allowed to initiate changes on their networks. Where required, we can also use a challenge/response protocol to authenticate individuals who contact us for helpdesk support on behalf of a client organization.

Failure to maintain and test backups.

At Tango, we believe that any IT service is rendered irrelevant if excellent backups are not maintained. To protect client data from disaster, we regularly back up business data and we validate that the backups are successful on a daily basis. We also perform a test “restore” process once per month for any client engaged with us under a managed services contract.

Failure to confirm that your disaster recovery plan actually works.

We provide backup and disaster recovery services for SMB clients. In our experience, most SMBs do not have disaster recovery or business continuity (DR/BC) plans in place and find it too expensive to justify the cost of, for example, maintaining two completely redundant IT infrastructures with fail-over. Our cloud services offerings substantially reduce these costs and make DR/BC accessible to small and mid-sized customers.

Failing to implement or update virus detection software.

Tango implements a “defense and depth” strategy of protection against viruses, malware, spyware at the email server, the network gateway and the desktop to ensure that your systems are fully protected. This is another core service in our managed IT service offering, no exceptions!

Failing to educate users. Users need to know exactly what kinds of threats are out there.

In our managed IT service industry, end-user knowledge (and lack thereof) is perhaps the most common area of risk that affects our customers. A lack of awareness or sophistication can lead to users opening their systems to viruses, spyware, phishing and other threats. The solution is to mitigate risk through ongoing end-user training. In addition, Tango builds client IT architectures such that end users are removed from critical decision-making processes. For example, next-generation firewalls and email security applications remove most of the risk from vulnerability attacks. But, education is still the first line of defense!

Trying to do it all yourself.

Even if you have an IT resource on staff, it’s simply not realistic for an SMB to effective manage all aspects of IT effectively. In a previous article about knowing when it’s time to hire an IT resource <link once that blog is approved & posted>, I outlined that four skill sets that a corporate IT department of any size must possess, and provided an ROI/budgeting model to help you determine how best to fill those needs. Chances are good that a partially or fully outsourced managed IT service model will make the best sense for your business.

Failing to recognize “insider threats”.

Any malicious, untrustworthy or disgruntled employee presents a risk if they are not properly monitored. If you operate in a strict regulatory environment or have other reasons to be concerned about insiders hacking, stealing or selling your sensitive business and customer data, there are a number of checks that we can build into your IT architecture and roadmap. This may include implementing monitoring measures on specific systems, devices or network resources. It may also require high-security physical restrictions on employees who enter and leave your premises. Our IT strategy and virtual CIOservices can be leveraged to provide expertise, insight and solutions to these and other big-picture IT concerns.

What You Can Do Now

To evaluate your organization’s IT security against these and other potential risks, contact us for an IT security audit.

A recent survey of 145 professionals responsible for IT security in small- and mid-sized enterprises (SMEs) recently found that 87% of SMBs have inadequate or out of date disaster recovery plans. Another 45% of them don’t enforce security policies.

SMEs are remarkable for operating under many pressures while being one of the major drivers of economic growth today. By keeping a close eye on the bottom line, minimizing overhead and investing in innovation, SMEs have become the providers of some of our favourite products, apps, and necessary services – like accounting, financial assistance, legal advice and more.

Despite all of the things that attract us to purchase from SMEs, we need to be able to trust them. That includes being assured that the data we entrust to them is protected, and that the services we rely on them for will be available even if disaster – such as fire or a data security breach – strikes.

One of the biggest challenges of operating an SME or other small organization is focusing on core competencies while taking care of the myriad non-core necessities – like IT security. Unless an SME is in the IT business, it’s not likely that they’re able to devote the significant resources necessary to staff IT personnel with the expertise or the time to take care of robust IT security, backup and disaster recovery in addition to that day-to-day IT needs of the organization.

That’s where Managed IT Services can help SMEs remain successful, vital contributors to our economies, our lives and our businesses.

As part of our Managed IT service, we at Tango Technology Group offer IT Backup and Disaster Recovery services that are tailored to SMEs. Because we work exclusively with small to mid-size businesses, we understand their pressures and their needs. Our services are designed to give SMEs and their customers peace of mind about the security of financial, marketing, sales, human resources and other business data. And, we do so affordably, with a managed IT service model that provides predictability for the SME budget.

Most importantly, we also work with our clients to review the specific needs of their businesses in order to ensure alignment between the business, its customers and its vital IT infrastructure.

I’d welcome the opportunity to talk to you about protecting your business and your customers from untimely disasters. Contact me at: dtremblay(at)tangotechnologygroup.com.

At Tango Technology Group we like to say that we take a business-centric approach to technology. It’s definitely what makes us unique among other providers of IT services to small- and mid-size business customers. But what does it really mean to be “business-centric”, and why should a small- or mid-sized business (SMB) care?

In practical terms, being business-centric means that when I recommend an investment in technology to a client, I have first determined how that technology will enable the client to be more efficient and/or to drive more revenue. If I can’t make that business case clear then I can’t recommend the investment.

In philosophical terms, it means that at Tango, we focus as much on understanding WHY we deploy technology as we do on HOW it is deployed. Unfortunately, this is an atypical approach in our industry – but we’ve been business owners and managers in a variety of forms for long enough that we know it’s the only approach that makes sense today.

There really is no business today that isn’t influenced by technology. Most absolutely depend on IT to serve customers and to conform to standards and regulations. Savvy SMBs are now leveraging technology to gain competitive advantages – and helping them do it is what we do best.

Again in practical terms, here are some examples of what we do to help SMBs leverage technology to gain competitive advantage:

Protect customer and business data with offsite data backup and recovery

I’d be happy to speak with you to discuss how we can work with you to ensure that technology is part of your strategic business plan. I also invite you to read about some of our customer projects and success stories.